I am exploring the possibilities of integrating Win2K Active Directory
services in my application. There are a few queries which are keeping me up
at night... As this is an architectural issue, any minor flaw at this
stage may have an unpleasant effect in future... We are developing a
centralized user management app.
Users' info will be stored in AD. Initially we thought of storing it in
a DB... but we require a hierarchical database which will allow quick
access to any of the elements...
I would like to illustrate the centralized user management model with an
example.
Client A has 3 branches located in New York, London and Mumbai... Mumbai is
the HO. Below is the hierarchy of the branches:

Mumbai (HO)
  New York
  London

The following users are created in the 3 branches:

Michael   New York
Tom       London
Ajay      Mumbai

We have developed a Windows service exe which is running in New York,
London & Mumbai. The service hosted in Mumbai is called the root and any
services below it are called children. The core function of the service is
authentication, session handling etc. The reason why the services are hosted
in different locations is to ensure 100% uptime, i.e. if I have hosted
the root service in Mumbai, any authentication traffic from New York &
London will hit Mumbai; by hosting different services we are
ensuring that users from the respective region query the nearest
server, thereby avoiding a round trip to the Mumbai server. But to assure this
we need to make the full user mgmt data available to all controllers,
so we thought of storing this info in AD, but the following are the things
which we have assumed:
all 3 locations will be hosting a Win2K server, promoting it to a DC
and finally bringing all 3 servers under one AD forest.
The following are the problems...
1. As mentioned above, it is quite possible that all 3 servers are
interconnected through a dial-up line; in such a scenario how will AD
replication work...
2. As the GC (global catalog) will be shared among all domains, any change
in the GC at one end is replicated to all domains in the forest. Can I
control this replication frequency... Initially I will disable the
replication at one end due to poor connectivity... once the line regains
its control I will initiate a pull replication and this time the GC must
pull only incremental changes..
3. Do I need to open the DNS port if I am behind the firewall...
4. As an alternative solution I will use SQL Server and its
replication feature, i.e. we need to install SQL Server Enterprise
Edition in one of these locations and at the remaining locations we will
install Microsoft Desktop Engine and establish replication between
MSDE & SQL EE.
I can understand that the mail is too verbose, but I have tried my best
to explain.
Thx for reading the mail...
Regards
Yogesh Shetty
Team COE
Financial Technologies (India) Ltd.
URL: http://www.ftindia.com
mailto: [EMAIL PROTECTED]
contact : +91 22 6164145